Jump to the main content

Plant Safety

Plant Safety: Available and Safe Production Systems

As the complexity of plants increases along with a demand for return on investment, so do requirements for adequate measures to avoid production outages while increasing safety. TÜV AUSTRIA’S range of services in the plant safety sector offers competent advice on minimizing risks.

From the initial idea for an industrial plant all the way to when it is decommissioned, there is always a necessity to systematically record risks and, when needed, implement improvement measures. Depending on the status of a plant, be it the planning phase, commissioning or optimization of the plant, TÜV AUSTRIA offers the appropriate tools and methods for determining, evaluating and reducing all the various operational and technical risks.

The result is state-of-the-art plants with high safety and availability for operators, planners and manufacturers in a wide variety of industrial sectors.

Industrial Sectors

  • Chemical industry
  • Petrochemical industry
  • Iron and steel industry
  • Energy suppliers
  • Foodstuffs and pharmaceutical industries
  • Pulp and paper industry
  • Production facilities
  • Recycling and waste recovery companies

Systematic Hazard and Risk Analyses

Current understanding of safe operation of plant and machinery requires a systematic approach in order to reliably identify and eliminate risks or reduce them to an acceptable level. In addition to protecting people and the environment, this also encompasses economic risks such as production outages up to the destruction of individual components or even entire plants.

The aim of systematic risk analysis is to identify and evaluate possible divergences from intended and planned functions and activities.

The outcome of systematic hazard and risk analyses results in:

  • Identification of vulnerabilities
  • Specific instructions for necessary modification measures
  • Reliable results provided by a team of experts and traceable documentation
  • Planning reliability

When a team of experts participating in an analysis is assembled, both by the operators and by the planners of a new plant, care must be taken to cover all aspects of the plant, such as: production, process engineering, electrical engineering, automation technology, chemistry, apparatus and pipeline construction, and maintenance. The analysis is led by an independent facilitator from TÜV AUSTRIA SERVICES GMBH and the outcome of the discussions is recorded by a secretary for all to see.

What-If and SWIFT

The What-if Technique is a very flexible brainstorming method. It involves asking a number of questions starting with the phrase “what if” so as to identify possible hazards. However, since no topics or question words are given, the outcome depends strongly on the team’s experience. That is why this is often combined with a predefined catalogue of topics (SWIFT).

The SWIFT (Structured What-If Technique) was originally developed as a simpler alternative to  HAZOP analysis. It is a systematic, team-based procedure in which the missing structure of the What-If procedure is compensated by topic catalogues tailored to the respective application.

For less complex plants, the SWIFT can be an alternative to  HAZOP method.  However, using both methods in combination can also be advantageous. In such cases, for example, SWIFT covers hazards at the general plant level, while HAZOP addresses process hazards specifically.


The HAZOP (HAzard and OPerability) method has proven to be particularly efficient and flexible among the various methods for identifying sources of hazards, especially in highly complex systems.

HAZOP describes a systematic approach to finding non-obvious sources of hazards in systems of all kinds. It is characterized by the methodical, guided brainstorming of an interdisciplinary group of experts, which requires specialist knowledge and experience in a wide variety of disciplines. The aim is to identify a wide variety of divergences from the intended operation of a system and to discover their respective causes. The listing of possible divergences is the starting point for estimating the effects and determining appropriate countermeasures.


FMEAs (Failure Mode and Effect Analyses) are usually carried out in interdisciplinary teamwork. FMEA starts with the failure of a component and then considers the effects of this failure on the overall system.

Very often, only FMEA is spoken of, although it is actually FMECA (Failure Mode and Effects and Criticality Analysis). While an FMEA provides purely qualitative results, the FMECA assesses the risk, as is the case in most automotive industry worksheets.

The FME(C)A is mostly used in the production of mass-produced components and is not so widely represented in process industry. It is commonly used to determine the quality of a barrier or individual components within the barrier.

LOPA - Layer of Protection Analysis

LOPA (Layer of Protection Analysis) is a semi-quantitative method for carrying out a risk assessment and risk evaluation. The quality of safety equipment for process-related operational sources of hazards is determined and reviewed. LOPA is always based on a previous qualitative method (SWIFT, HAZOP). In the course of this qualitative examination, it may turn out that some scenarios are to be subjected to a more detailed examination using LOPA.

Deciding factors for performing a LOPA are:

  • A specific potential effect (such as an irreversible injury or release of a substance)
  • A previously defined tolerable risk per scenario (such as: minimized risk matrix or risk priority number)
  • Expert decision by the team

If the quality of the safety equipment for a scenario is specified by a specific standard, a set of rules or by the manufacturer, it is not necessary to classify the safety equipment according to the LOPA method, since LOPA cannot call into question the protective equipment required in these specific sets of rules either. In many cases, however, rules and regulations do not prescribe the quality of safety equipment as a fixed requirement, but rather define it on the basis of a risk analysis.


Bow-Tie Analysis is a structured, qualitative method for risk assessment. The result is a diagram that combines both the chain of cause and hazard (fault tree) as well as the chain of consequence steps (event tree). The fault tree on the left and the event tree on the right are connected by the associated top event (such as a product release) in the middle.

The Bow-Tie diagram provides a snapshot of the cause/hazard and consequences of the main scenarios as well as control elements at the time of analysis. It also provides a snapshot of the barriers used to prevent the occurrence of the adverse event or to limit its impact. Once the examination is complete, the situation may change, for example because control measures have taken effect.

Bow-Tie diagrams are created by depicting following building blocks:

  • Hazard (example: presence of hydrocarbons)
  • Top event due to hazard (example: product release)
  • Causes that enable the occurrence of a top event
  • Consequences due to the occurrence of a top event
  • Barriers which are intended to prevent the occurrence of the top event on the causal side (preventive control barriers)
  • Barriers intended to reduce the extent of damage once a top event has occurred (mitigative barriers)

A Bow-Tie diagram should be prepared, if possible, for all Major Accident Hazards (MAHs) which are to be identified in a hazard and risk analysis if necessary.

QRA - Quantitative Risk Assessment

The objective of the QRA (Quantitative Risk Assessment) is to assess individual and societal risks associated with major accident hazards. Essentially, effects caused by incidents on occupied buildings (such as control rooms or administration buildings) within a plant area as well as effects which extend beyond the boundaries of the plant (neighboring plots of land or roads) are examined and assessed, taking the relevant population into account.

The scenarios used to prepare a QRA are those that are part of the Fire and Explosion Analysis (FEA) and may also include cases prescribed by the relevant methodology (Purple Book).

Impact analyses done with propagation calculations are used for external emergency planning and can be called on for spatial planning and surface area use planning.

Subassembly evaluation

  • Consulting in the preparation and assessment of safety concepts for subsystems
  • Development of the fundamentals for the required conformity assessment of subassemblies according to Pressure Equipment Directive 97/23/EC
  • Support in implementing the requirements of the Machinery Directive 2006/42/EC (formerly 98/37/EC) and other applicable directives

Subassembly Evaluation

Field of application:

Subassemblies are functional units consisting of a wide variety of individual components or systems. Typical process plants are made up of machines, pressure equipment and components to control and regulate the processes. The size of subassemblies ranges from relatively small units to complete systems.

To ensure safe operation of the overall plant, safety equipment for the individual devices and use of tested individual parts are both essential. In addition, the specific hazards arising from the interaction of individual components in complex systems must be taken into account. This requires a comprehensive overall safety concept to reliably protect people, the environment and property. 

TÜV AUSTRIA’s scope of services:

  • Consulting on required documentation
  • Performance of a systematic safety analysis, tailored to your specific problem
  • Assessment of the safety concept according to the requirements of Pressure Equipment Directive 2014/68/EU
  • Assessment of the safety concept according to the requirements of Machinery Directive 2006/42/EC (formerly 98/37/EC)
  • Assessment of conformity according to the current status of the rules and regulations as well as the legal framework conditions

Safety Report according to SEVESO III Directive

  • Testing and assessment of all internal and external sources of hazards as well as suitable countermeasures
  • Propagation calculations and quantitative risk disclosure
  • Requirement for businesses falling under Section 8a of the Trade Regulation Act [Gewerbeordnung] (BGBl. I 88/2000)
  • Recommendation for businesses working with lower quantities of dangerous substances
  • National implementation of the SEVESO Directive in accordance with Section 8a of the Industrial and Commercial Accidents Act (Gewerbe- und Industrieunfallverordnung)

Safety Report according to SEVESO III Directive

Requirements for safety reports:

  • Identification of hazards which may cause major accidents
  • Outline of the concept for preventing major accidents
  • Outline of how their design, operation and maintenance make all the technical installations sufficiently safe and reliable.
  • Summary of the internal emergency plan and the safety management system
  • Provision of sufficient information to the public authorities for land-use planning in the vicinity of the plant and for decisions on the location of new industrial areas.

TÜV AUSTRIA’s scope of services:

  • Preparation of your complete safety report
  • Impact analyses in the form of material and thermal propagation calculations, also in the context of official authorization procedures
  • National implementation of the SEVESO Directive in accordance with Section 8a of the Industrial and Commercial Accidents Act [Gewerbe- und Industrieunfallverordnung]
  • Support in preparing and updating your internal emergency plan
  • Provision of experts in negotiations with the public authorities
  • Collaborative development of solutions for vulnerabilities in your safety system
  • Assistance in implementing plant modifications or operating modes (such as shift reduction, 24-hour operation or installation of a central emergency shut-off system)
  • Providing state-of-the-art know-how based on many years of experience
  • Coordination of consultation meetings with neighboring and domino operations

Assistance in communicating with the general public who might be affected by an industrial accident.

Explosionprotection Document

Legal basis:

Explosion protection is of central importance in all operations where flammable liquids, gases or dusts are handled.

The minimum requirements for improving the protection of the health and safety of workers potentially at risk from explosive atmospheres are regulated within the EU by Directive 1999/92/EC. In Austria, the EU directive is implemented in the Explosive Atmospheres Act (VEXAT) BGBl. II 309/2004.

Operators of plants in which explosive atmospheres may occur must be able to submit an explosion protection document.

Requirements for explosion protection documents:

  • Determination of the probability and duration of the occurrence of explosive atmospheres under the various operating conditions at the plant
  • Proof of the effectiveness of technical and organizational explosion protection measures
  • Location and classification of potentially explosive areas in zones
  • Classification of equipment and protective systems, tests and measurements in potentially explosive areas
  • Warning and alarm conditions as well as information on coordination measures for external personnel

TÜV AUSTRIA’s scope of services:

  • Determination of the risk of the occurrence of explosive atmospheres and verification of protective measures using FMEA (Failure Mode and Effects Analysis)
  • Support in the preparation of ex-zone plans
  • Verification of measures to prevent ignition sources and reduce the impact of explosions using hazard analysis
  • Support in updating explosion protection documents
  • Inspection and coordination of required plant documentation
  • Support in talks with public authorities
  •  | Print
to top